summaryrefslogtreecommitdiff
path: root/django/template
AgeCommit message (Collapse)Author
2014-12-28Passed a reference to the current engine when instantiating Template.Aymeric Augustin
2014-12-28Removed some uses of global APIs from django.template.loader.Aymeric Augustin
2014-12-28Added Django template backend.Aymeric Augustin
2014-12-28Added jinja2 template backend.Aymeric Augustin
2014-12-28Added dummy template backend.Aymeric Augustin
2014-12-28Added initial support for loading template engines.Aymeric Augustin
2014-12-28Imported BaseEngine from the DEP.Aymeric Augustin
i18n is left aside for now.
2014-12-28Cleaned up the django.template namespace.Aymeric Augustin
Since this package is going to hold both the implementation of the Django Template Language and the infrastructure for Multiple Template Engines, it should be untied from the DTL as much as possible within our backwards-compatibility policy. Only public APIs (i.e. APIs mentioned in the documentation) were left.
2014-12-28Renamed get_template_from_string to from_string.Aymeric Augustin
The shorter name is just as explicit and, well, shorter.
2014-12-28Simplified handling of a default value.Aymeric Augustin
2014-12-27Fixed #23831 -- Supported strings escaped by third-party libs in Django.Aymeric Augustin
Refs #7261 -- Made strings escaped by Django usable in third-party libs. The changes in mark_safe and mark_for_escaping are straightforward. The more tricky part is to handle correctly objects that implement __html__. Historically escape() has escaped SafeData. Even if that doesn't seem a good behavior, changing it would create security concerns. Therefore support for __html__() was only added to conditional_escape() where this concern doesn't exist. Then using conditional_escape() instead of escape() in the Django template engine makes it understand data escaped by other libraries. Template filter |escape accounts for __html__() when it's available. |force_escape forces the use of Django's HTML escaping implementation. Here's why the change in render_value_in_context() is safe. Before Django 1.7 conditional_escape() was implemented as follows: if isinstance(text, SafeData): return text else: return escape(text) render_value_in_context() never called escape() on SafeData. Therefore replacing escape() with conditional_escape() doesn't change the autoescaping logic as it was originally intended. This change should be backported to Django 1.7 because it corrects a feature added in Django 1.7. Thanks mitsuhiko for the report.
2014-12-08Fixed #23968 -- Replaced list comprehension with generators and dict ↵Jon Dufresne
comprehension
2014-12-03Removed redundant numbered parameters from str.format().Berker Peksag
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-11-25Fixed #23914 -- Improved {% now %} to allow storing its result in the context.Baptiste Mispelon
Thanks to Tim for the review.
2014-11-23Encapsulated TEMPLATE_DEBUG in Engine.Aymeric Augustin
2014-11-23Encapsulated TEMPLATE_STRING_IF_INVALID in Engine.Aymeric Augustin
2014-11-23Encapsulated TEMPLATE_CONTEXT_PROCESSORS in Engine.Aymeric Augustin
Since RequestContext doesn't know its Engine until it's passed to Template.render() -- and cannot without breaking a widely used public API -- an elaborate hack is required to apply context processors.
2014-11-23Encapsulated ALLOWED_INCLUDE_ROOTS in Engine.Aymeric Augustin
2014-11-23Moved make_origin into the Engine class.Aymeric Augustin
2014-11-23Move compile_string into the Engine class.Aymeric Augustin
2014-11-23Added to each Context a reference to the Engine.Aymeric Augustin
It's only available during the rendering.
2014-11-23Removed dependency of template loaders on Django settings.Aymeric Augustin
2014-11-23Moved template loaders management in Engine.Aymeric Augustin
Passed the engine instance to loaders. This is a prerequisite for looking up configuration on the engine instance instead of global settings. This is backwards incompatible for custom template loaders that override __init__. However the documentation doesn't talk about __init__ and the way to pass arguments to custom template loaders isn't specified. I'm considering it a private API.
2014-11-23Removed unused API get_template_loaders.Aymeric Augustin
It was introduced in a recent refactoring so this isn't an issue. Then renamed _get_template_loaders to get_template_loaders.
2014-11-23Introduced a template engine class.Aymeric Augustin
Moved Django templates loading infrastructure there.
2014-11-23Deprecated dirs argument to override TEMPLATE_DIRS.Aymeric Augustin
Cancels 2f0566fa. Refs #4278.
2014-11-22Avoided rewrapping Contexts in render_to_response.Aymeric Augustin
This change preserves backwards-compatibility for a very common misuse of render_to_response which even occurred in the official documentation. It fixes that misuse wherever it happened in the code base and docs. Context.__init__ is documented as accepting a dict and nothing else. Since Context is dict-like, Context(Context({})) could work to some extent. However, things get complicated with RequestContext and that gets in the way of refactoring the template engine. This is the real rationale for this change.
2014-11-19Simplified caching of template context processors.Aymeric Augustin
2014-11-19Simplified caching of templatetags modules.Aymeric Augustin
2014-11-16Removed support for function-based template loaders.Aymeric Augustin
They were deprecated in Django 1.2 but not all the supporting code was removed in Django 1.4. Since the remaining code was unlikely to be functional (pun intended) e.g. it would crash unless the loader function had an is_usable attribute, this commit completes the removal immediately instead of starting another deprecation path.
2014-11-16Used get_template_loaders in the cached loader.Aymeric Augustin
This ensures that enabling the cached loader doesn't change behavior. (Before this commit, it did when the list contained unusable loaders.)
2014-11-16Refactored getting the list of template loaders.Aymeric Augustin
This provides the opportunity to move utility functions specific to the Django Template Language outside of django.template.loader.
2014-11-16Deprecated function-based loaders.Aymeric Augustin
2014-11-16Removed obsolete comment.Aymeric Augustin
It didn't account for class-based template loaders.
2014-11-16Refactored listing template subdirectories in apps.Aymeric Augustin
This change has the nice side effect of removing code that ran at import time and depended on the app registry at module level -- a notorious cause of AppRegistryNotReady exceptions.
2014-11-16Removed skip_template argument of locmem.Loader.load_template_source.Aymeric Augustin
It didn't do anything, wasn't documented and wasn't used anywhere.
2014-11-16Removed the "test:" prefix from locmem template identifiers.Aymeric Augustin
Since it isn't branded as a test utility any more and could be used for other purposes than test code, that prefix no longer makes sense. It wasn't used anywhere either.
2014-11-16Moved all template loaders under django.template.loaders.Aymeric Augustin
Reformatted the code of base.Loader according to modern standards. Turned the test template loader into a regular locmem.Loader -- but didn't document it. Added a normal deprecation path for BaseLoader which is a public API. Added an accelerated deprecation path for TestTemplateLoader which is a private API.
2014-11-15Fixed #23585 - Corrected internal comment.Grzegorz Slusarek
Removed misleading comment and provide correct one, explaining idea behind hardcoded CSRF template context processor.
2014-11-12Fixed #23730 -- Moved support for SimpleCookie HIGHEST_PROTOCOL pickling to ↵Tim Graham
http.cookie. This fix is necessary for Python 3.5 compatibility (refs #23763). Thanks Berker Peksag for review.
2014-11-11Normalized opening a file and decoding its content.Aymeric Augustin
`io.open` is required on Python 2.7. Just `open` would work on Python 3.
2014-11-11Raised SuspiciousFileOperation in safe_join.Aymeric Augustin
Added a test for the condition safe_join is designed to prevent. Previously, a generic ValueError was raised. It was impossible to tell an intentional exception raised to implement safe_join's contract from an unintentional exception caused by incorrect inputs or unexpected conditions. That resulted in bizarre exception catching patterns, which this patch removes. Since safe_join is a private API and since the change is unlikely to create security issues for users who use it anyway -- at worst, an uncaught SuspiciousFileOperation exception will bubble up -- it isn't documented.
2014-11-10Fixed #23789 -- TemplateResponse handles context differently from renderLuke Plant
2014-10-30Fixed #23558 -- documented slugify limitationsDavid Hoffman
2014-10-04Fixed comment typo in django/template/__init__.pyMartin Matusiak
2014-09-29Fixed #23489 -- Added numpy 1.9+ support in template lookupsTim Graham
2014-09-05Limited lines to 119 characters in django/Tim Graham
refs #23395.
2014-08-26Added exception name in debug error messageClaude Paroz
This can help when some exception has no error message.
2014-08-19Fixed #10190 -- Made HttpResponse charset customizable.Unai Zalakain
Thanks to Simon Charette, Aymeric Augustin, and Tim Graham for reviews and contributions.
2014-08-14Fixed #23260: Added generator support to defaultfilters.unordered_list.Jaap Roes